US9575877B2 · Active · Utility

Method and system for testing control software of a controlled system

Assignee: HITACHI LTD
Priority: Apr 29, 2014 · Filed: Apr 28, 2015 · Granted: Feb 21, 2017
Est. expiry: Apr 29, 2034 (~7.8 yrs left) · nominal 20-yr term from priority
Inventors: ISHIGOOKA TASUKU; NARISAWA FUMIO; SAKURAI KOHEI; SURI NEERAJ; SAISSI HABIB; PIPER THORSTEN; WINTER STEFAN
Classifications: G06F 11/3608; G06F 2117/08; G06F 11/3688; G06F 30/20; G06F 17/5009; G06F 2217/86
PatentIndex Score: 67 · Cited by: 4 · References: 8 · Claims: 20

Abstract

A method for testing control software of a controlled system is disclosed. The method may involve providing control software code data for each of the one or more electronic control units. The method may further involve providing simulation code data for the controlled system. The method may further involve providing verification requirement information data that indicates one or more verification requirement conditions corresponding to a respective control error situation. The method may further involve creating a system model based on the provided simulation code data and the provided control software code data provided for each of the one or more electronic control units. The method may further involve creating an executable program based on the created system model and performing a software verification process on the basis of the executable program.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
1. Method for testing control software of a controlled system, the controlled system comprising one or more electronic control units, one or more actuators, and one or more sensors, each sensor being adapted to input a respective sensor signal to at least one of the one or more electronic control units and each actuator being adapted to act responsive to respective control signals input from at least one of the electronic control units, and each electronic control unit being configured to execute a respective executable control program based on control software code data to output one or more control signals to the one or more actuators on the basis of input sensor signals,
 the method comprising: 
 providing control software code data for each of the one or more electronic control units; 
 providing simulation code data for the controlled system; 
 providing verification requirement information data that indicates one or more verification requirement conditions corresponding to a respective control error situation; 
 creating a system model based on the provided simulation code data and the provided control software code data provided for each of the one or more electronic control units; 
 creating an executable program based on the created system model; and 
 performing a software verification process on the basis of the executable program, the software verification process comprising:
 iterating through an execution tree of the executable program according to one or more path conditions of the executable program; 
 checking, at each iteration, whether at least one of the one or more verification requirement conditions is fulfilled; and 
 notifying a user about the detection of the control error situation in case it is determined that at least one of the one or more verification requirement conditions is fulfilled, 
 
 wherein performing the software verification process on the basis of the executable program comprises performing symbolic execution on the basis of the system model. 
 
     
     
2. Method according to claim 1, wherein
 creating the executable program based on the created system model comprises transferring one or more parameters of the system model into symbols for symbolic execution. 
 
     
     
3. Method according to claim 2, further comprising
 providing system input information data that indicates the one or more parameters of the system model to be transferred into symbols for symbolic execution. 
 
     
     
4. Method according to claim 3, wherein
 the system model comprises symbolic module code data defining a function for transferring parameters to symbols based on the provided system input information data. 
 
     
     
5. Method according to claim 1, further comprising
 outputting a specific path condition associated with the detected control error situation. 
 
     
     
6. Method according to claim 1, further comprising
 providing collaboration information data that indicates associations of related input parameters and output parameters of the provided control software code data and the provided simulation code data. 
 
     
     
7. Method according to claim 6, wherein
 the system model comprises collaboration module code data indicating one or more functions of copying output parameters to associated input parameters based on the provided collaboration information data. 
 
     
     
8. Method according to claim 7, wherein
 the collaboration module code data indicates a first function of copying output parameters of control software code data of one or more electronic control units to associated input parameters of control software code data of one or more electronic control units, a second function of copying output parameters of control software code data of one or more electronic control units to associated input parameters of the simulation code data, and/or a third function of copying output parameters of the simulation code data to associated input parameters of control software code data of one or more electronic control units. 
 
     
     
9. Method according to claim 1, wherein
 the system model comprises synchronization module code data indicating synchronization between execution of one or more functions of the control software code data for the one or more electronic control units and the simulation code data for the controlled system. 
 
     
     
10. Method according to claim 9, wherein
 the synchronization module code data indicates an executable function which indicates an execution order and execution timing of executable functions of the control software code data for the one or more electronic control units and the simulation code data, enabling different execution frequencies for functions of the control software code data compared to functions of the simulation code data. 
 
     
     
11. A verification system for testing control software of a controlled system,
 the controlled system comprising one or more electronic control units, one or more actuators, and one or more sensors, each sensor being adapted to input a respective sensor signal to at least one of the one or more electronic control units and each actuator being adapted to act responsive to respective control signals input from at least one of the electronic control units, and each electronic control unit being configured to execute a respective executable control program based on control software code data to output one or more control signals to the one or more actuators on the basis of input sensor signals, 
 the verification system comprising: 
 a data providing unit configured to provide control software code data for each of the one or more electronic control units, to provide verification requirement information data that indicates one or more verification requirement conditions corresponding to a respective control error situation, and to provide simulation code data for the controlled system; 
 a system model constructor configured to create a system model based on the provided simulation code data and the provided control software code data provided for each of the one or more electronic control units; 
 a compiler configured to create an executable program based on the created system model; and 
 a verification unit configured to perform a software verification process on the basis of the executable program, the software verification process comprising:
 iterating through an execution tree of the executable program according to one or more path conditions of the executable program; 
 checking, at each iteration, whether at least one of the one or more verification requirement conditions is fulfilled; and 
 notifying a user about the detection of the control error situation in case it is determined that at least one of the one or more verification requirement conditions is fulfilled 
 
 wherein performing the software verification process on the basis of the executable program comprises performing symbolic execution on the basis of the system model. 
 
     
     
12. Computer program product comprising computer program means storable on a non-transitory computer-readable medium and being executable by a computer device, the program means comprising executable instructions causing the computer device to perform steps of a method according to claim 1.
     
     
13. The verification system of claim 11, wherein
 creating the executable program based on the created system model comprises transferring one or more parameters of the system model into symbols for symbolic execution. 
 
     
     
14. The verification system of claim 13, wherein
 providing system input information data that indicates the one or more parameters of the system model to be transferred into symbols for symbolic execution. 
 
     
     
15. The verification system of claim 14, wherein
 the system model comprises symbolic module code data defining a function for transferring parameters to symbols based on the provided system input information data. 
 
     
     
16. The verification system of claim 11, wherein
 the system model comprises synchronization module code data indicating synchronization between execution of one or more functions of the control software code data for the one or more electronic control units and the simulation code data for the controlled system. 
 
     
     
17. The verification system of claim 16, wherein
 the synchronization module code data indicates an executable function which indicates an execution order and execution timing of executable functions of the control software code data for the one or more electronic control units and the simulation code data, enabling different execution frequencies for functions of the control software code data compared to functions of the simulation code data. 
 
     
     
18. The verification system of claim 11, wherein the software verification process further comprises:
 outputting a specific path condition associated with the detected control error situation. 
 
     
     
19. The method for testing control software of a controlled system of claim 1, wherein performing symbolic execution on the basis of the system model comprises:
 analyzing program logic corresponding to the verification requirement conditions and generating at least one corresponding symbol; 
 generating a constraint for the at least one symbol corresponding to a branch of the execution tree; and 
 determining one or more possible values for the at least one symbol that satisfy the constraint using a symbolic execution constraint solver. 
 
     
     
20. The verification system of claim 11, wherein performing symbolic execution on the basis of the system model comprises:
 analyzing program logic corresponding to the verification requirement conditions and generating at least one corresponding symbol; 
 generating a constraint for the at least one symbol corresponding to a branch of the execution tree; and 
 determining one or more possible values for the at least one symbol that satisfy the constraint using a symbolic execution constraint solver.
